On 04/16/2013 02:29 PM, Anand Avati wrote:
Not considering the filesystem subtype has the following limitation. Support for SELinux in FUSE is dependent on the particular userspace filesystem, which is identified by the subtype. For example, GlusterFS, a FUSE-based filesystem, supports SELinux (by mounting and processing FUSE requests in different threads, avoiding the mount-time deadlock), whereas other FUSE-based filesystems (identified by a different subtype) have the mount-time deadlock.

Considering the subtype of the filesystem in the SELinux policies allows us to specify a filesystem subtype in the following way:

fs_use_xattr fuse.glusterfs gen_context(system_u:object_r:fs_t,s0);

This way not all FUSE filesystems are put in the same bucket and subjected to the limitations of the other subtypes.

Signed-off-by: Anand Avati <avati@xxxxxxxxxx>
---
 security/selinux/hooks.c            | 46 ++++++++++++++++++++-----------------
 security/selinux/include/security.h |  2 +-
 security/selinux/ss/services.c      |  7 +++++-
 3 files changed, 32 insertions(+), 23 deletions(-)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index b4feecc..3c6cbba 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2329,17 +2329,22 @@ out: */ int security_fs_use( const char *fstype, + const char *subtype, unsigned int *behavior, u32 *sid) { int rc = 0; struct ocontext *c; + char type[32];
Why is 32 bytes enough?
read_lock(&policy_rwlock); c = policydb.ocontexts[OCON_FSUSE]; + snprintf(type, 32, "%s%s%s", fstype,
s/32/sizeof type/

Check for truncation?
+ (subtype ? "." : ""), (subtype ? subtype : "")); + type[31] = 0; while (c) { - if (strcmp(fstype, c->u.name) == 0) + if (strcmp(type, c->u.name) == 0) break; c = c->next; }
If you do not find a match on the fstype.subtype string, shouldn't you retry with just the fstype string? Just in case there was in fact a fs_use rule for the fstype?
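Below is a stand-alone model of the lookup this patch changes, written for this review; it is not the SELinux code from the patch or from the kernel. It builds no fixed-size key, matches "fstype.subtype" first and then falls back to the bare fstype, and separately shows when the patch's 32-byte buffer would truncate. The struct, the behavior constants and the two-rule policy are constructed for the example and only stand in for the real struct ocontext and SECURITY_FS_USE_* values.

```c
/* Model of an fs_use lookup keyed on "fstype.subtype" with fallback to the
 * bare fstype. Written for this review; not the SELinux implementation.
 * The struct, the constants and the policy below are constructed here. */
#include <stdio.h>
#include <string.h>

/* Stands in for the two struct ocontext fields the lookup touches: the name
 * an fs_use rule was written with and the behavior that rule selects. */
struct fs_use_entry {
    const char *name;
    unsigned int behavior;
    const struct fs_use_entry *next;
};

/* Arbitrary stand-ins for SECURITY_FS_USE_* values. */
enum { FS_USE_NONE = 0, FS_USE_XATTR = 1, FS_USE_TRANS = 2 };

/* Match one rule name against fstype[.subtype] in place, so there is no
 * fixed key buffer and therefore no truncation. The byte right after the
 * fstype prefix must be '.' (subtype given) or NUL (no subtype), which keeps
 * "fus"+"eglusterfs" from matching "fuse.glusterfs". */
static int fs_use_name_matches(const char *name, const char *fstype,
                               const char *subtype)
{
    size_t flen = strlen(fstype);

    if (strncmp(name, fstype, flen) != 0)
        return 0;
    if (subtype == NULL)
        return name[flen] == '\0';
    return name[flen] == '.' && strcmp(name + flen + 1, subtype) == 0;
}

/* Look up "fstype.subtype" first, then retry with the bare fstype (the
 * fallback asked for in the review). Returns FS_USE_NONE when nothing
 * matches. */
unsigned int fs_use_lookup(const struct fs_use_entry *head,
                           const char *fstype, const char *subtype)
{
    const struct fs_use_entry *c;

    if (subtype != NULL)
        for (c = head; c; c = c->next)
            if (fs_use_name_matches(c->name, fstype, subtype))
                return c->behavior;
    for (c = head; c; c = c->next)
        if (fs_use_name_matches(c->name, fstype, NULL))
            return c->behavior;
    return FS_USE_NONE;
}

/* The patch formats the key with snprintf() into char type[32]. Returns 1
 * when that call would truncate, i.e. when the fixed-buffer lookup would
 * silently search for a shortened key. */
int fs_use_key_truncated(const char *fstype, const char *subtype)
{
    char type[32];
    int n = snprintf(type, sizeof type, "%s%s%s", fstype,
                     subtype ? "." : "", subtype ? subtype : "");

    return n >= (int)sizeof type;
}

/* Constructed policy: a subtype-specific rule for fuse.glusterfs (as in the
 * commit message's fs_use_xattr line) plus a generic rule for fuse. */
static const struct fs_use_entry rule_fuse = { "fuse", FS_USE_TRANS, NULL };
static const struct fs_use_entry rule_gluster = { "fuse.glusterfs", FS_USE_XATTR, &rule_fuse };
const struct fs_use_entry *example_policy = &rule_gluster;

int main(void)
{
    printf("fuse.glusterfs -> %u\n", fs_use_lookup(example_policy, "fuse", "glusterfs"));
    printf("fuse.sshfs     -> %u (falls back to the fuse rule)\n",
           fs_use_lookup(example_policy, "fuse", "sshfs"));
    printf("fuse           -> %u\n", fs_use_lookup(example_policy, "fuse", NULL));
    printf("ext4           -> %u (no rule)\n", fs_use_lookup(example_policy, "ext4", NULL));
    printf("32-byte key truncated for a 27-byte subtype: %d\n",
           fs_use_key_truncated("fuse", "abcdefghijklmnopqrstuvwxyz0"));
    return 0;
}
```

The in-place comparison is what the reviewer's "s/32/sizeof type/" and truncation remarks point at: once the key is never copied into a bounded buffer, the question of how long a subtype may be goes away, and the explicit fallback loop answers the last question in the review.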